Re: Coverity Open Source Defect Scan of Linux
From: Jesper Juhl
Date: Mon Mar 06 2006 - 13:50:49 EST
On 3/6/06, Pavel Machek <pavel@xxxxxx> wrote:
> On Ne 05-03-06 21:35:11, Ben Chelf wrote:
> > Hello Linux Developers,
> >
> > I'm the CTO of Coverity, Inc., a company that does static source code
> > analysis to look for defects in code. You may have heard of us or of our
> > technology from its days at Stanford (the "Stanford Checker"). The
> > reason I'm writing is because we have set up a framework internally to
> > continually scan open source projects and provide the results of our
> > analysis back to the developers of those projects. Linux is one of the
> > 32 projects currently scanned at:
> >
> > http://scan.coverity.com
> >
> > My belief is that we (Coverity) must reach out to the developers of
> > these packages (you) in order to make progress in actually fixing the
> > defects that we happen to find, so this is my first step in that
> > mission. Of course, I think Coverity technology is great, but I want
>
> Could you just open the (kernel) results to the public? Going after
> warnings from compiler (afaics that's roughly what coverity is) is
> ideal janitorial job, and job where many people -- not only core
> developers -- can help.
> Pavel
I agree.
Cleaning some of this stuff up is something that I would be prepared
to work on, but I honestly can't be bothered to have to "register"
with coverity for the privilege of seeing the bug-reports...
Linux is a public project, just make the bug-reports/check results
public somewhere so we can all work on them.
--
Jesper Juhl <jesper.juhl@xxxxxxxxx>
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please http://www.expita.com/nomime.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/